Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 8c5a1e5c6db5b95887631548137124af5e8aff98
    https://github.com/WebKit/WebKit/commit/8c5a1e5c6db5b95887631548137124af5e8aff98
Author: Alex Christensen <achristen...@apple.com>
Date: 2025-04-08 (Tue, 08 Apr 2025)

Changed paths:
    M LayoutTests/TestExpectations
    M LayoutTests/platform/glib/TestExpectations
    M LayoutTests/security/decode-buffer-size-expected.txt
    M LayoutTests/security/decode-buffer-size.html
    M LayoutTests/security/text-decode-long-strings-expected.txt
    M LayoutTests/security/text-decode-long-strings.html
    M Source/WebCore/PAL/pal/text/TextCodecUTF8.cpp
    M Source/WebCore/dom/TextDecoder.cpp
    M Source/WebCore/dom/TextDecoder.h

Log Message:
-----------
TextDecoder raises "RangeError: Bad value" exception after 2GB of text
https://bugs.webkit.org/show_bug.cgi?id=280593
rdar://137394167

Reviewed by Darin Adler.

In rdar://130960796 I restricted the total input of TextDecoder when I should've restricted the incremental output of TextDecoder. I did so by limiting the String output size of TextCodecUTF8 to String::MaxLength like we do other places we make a String. I verified that other TextCodec implementations all use StringBuilder, which safely crashes on overflow, which we can't really test directly right now.

* LayoutTests/security/decode-buffer-size-expected.txt:
* LayoutTests/security/decode-buffer-size.html:
* LayoutTests/security/text-decode-long-strings-expected.txt:
* Source/WebCore/PAL/pal/text/TextCodecUTF8.cpp:
(PAL::TextCodecUTF8::decode):
* Source/WebCore/dom/TextDecoder.cpp:
(WebCore::TextDecoder::decode):
* Source/WebCore/dom/TextDecoder.h:

Canonical link: https://commits.webkit.org/293416@main